EASM mistakes waiting to happen
JR0ch17
January 25, 2022
Transcript
EASM mistakes waiting to happen

GET /whoami HTTP/2
Jasmin Landry
JR0ch17
Lead, IT & Security at
Montreal Canadiens fan

GET /agenda HTTP/2
EASM
Common mistakes
Hacker perspective

GET /EASM HTTP/2
What exactly is EASM?
What does it cover?
Why is it important?

GET /common_mistakes HTTP/2
Lack of Change Management
Not respecting Least Privilege
Misconfigured WAFs
Cloud misconfigs (S3 buckets)

GET /hacker_perspective HTTP/2
Recon EVERYTHING
• Subdomains
• IPs
• TLS certificates
• Third-party apps
Continuous Monitoring
• Monitor for new assets
• Monitor any change

GET /thanks HTTP/2
Thank you for listening
Questions?
More questions? DMs are open on and